Python Django OAuth2无效的授权类型
我正在使用Django OAuth Toolkit,并且我成功地创建了注册调用-这反过来会给我以下响应:Python Django OAuth2无效的授权类型,python,django,oauth-2.0,Python,Django,Oauth 2.0,我正在使用Django OAuth Toolkit,并且我成功地创建了注册调用-这反过来会给我以下响应: { "username": "boban16", "client_id": "sxFB8WOd5qupdyp5c4pjJHXAQQFPVCW7FKA3SUmy", "client_secret": "3nUreBDpx9cCSEeVyOhpXZ76Om0keOxFwK2rRQJNK5wvYuA1tUF37sH0Of473wCgeJ3tCmflN9kPnP9VkgepWxrARC6
{
"username": "boban16",
"client_id": "sxFB8WOd5qupdyp5c4pjJHXAQQFPVCW7FKA3SUmy",
"client_secret": "3nUreBDpx9cCSEeVyOhpXZ76Om0keOxFwK2rRQJNK5wvYuA1tUF37sH0Of473wCgeJ3tCmflN9kPnP9VkgepWxrARC6iimqI6y34pyVU7otlcXHjS2SSOmsP2c0XNxrA"
}
{
"error_description": "Invalid credentials given.",
"error": "invalid_grant"
}
curl -v http://127.0.0.1:8000/o/token/ -X POST -u "<client_id>:<client_secret>" -d "grant_type=client_credentials"
* Hostname was NOT found in DNS cache
* Trying 127.0.0.1...
* Connected to 127.0.0.1 (127.0.0.1) port 8000 (#0)
* Server auth using Basic with user 'JNBUdgUJ44ndu49yeokHxU0ZUNfIbpdESC8PVTQU'
> POST /o/token/ HTTP/1.1
> Authorization: Basic Sk5CVWRnVUo0NG5kdTQ5eWVva0h4VTBaVU5mSWJwZEVTQzhQVlRRVTpaQVNwZ0xLY3didXA2ajJ2YlJqakc1WlFZenpWWFZWQU5HcHJ0WWZVNnIya2VpUkEzZW9vNlh5M0tSMENkOGpWN3FLT2xFTENoTHZTUk5vTzBkUE5YNGdoRXdvRnB4UDNKbHdxY0FqRkpIV0RmSkJzYnpmNjJ5dE5DaEFVM29RcA==
> User-Agent: curl/7.37.1
> Host: 127.0.0.1:8000
> Accept: */*
> Content-Length: 29
> Content-Type: application/x-www-form-urlencoded
>
* upload completely sent off: 29 out of 29 bytes
* HTTP 1.0, assume close after body
< HTTP/1.0 401 UNAUTHORIZED
< Date: Sat, 13 Jun 2015 16:14:19 GMT
< Server: WSGIServer/0.2 CPython/3.4.3
< Content-Type: application/json
< Cache-Control: no-store
< Pragma: no-cache
< X-Frame-Options: SAMEORIGIN
<
* Closing connection 0
{"error": "unauthorized_client"}
因此,我现在尝试使用Postman应用程序调用生成令牌-请求如下所示:
以下是回应:
{
"username": "boban16",
"client_id": "sxFB8WOd5qupdyp5c4pjJHXAQQFPVCW7FKA3SUmy",
"client_secret": "3nUreBDpx9cCSEeVyOhpXZ76Om0keOxFwK2rRQJNK5wvYuA1tUF37sH0Of473wCgeJ3tCmflN9kPnP9VkgepWxrARC6iimqI6y34pyVU7otlcXHjS2SSOmsP2c0XNxrA"
}
{
"error_description": "Invalid credentials given.",
"error": "invalid_grant"
}
curl -v http://127.0.0.1:8000/o/token/ -X POST -u "<client_id>:<client_secret>" -d "grant_type=client_credentials"
* Hostname was NOT found in DNS cache
* Trying 127.0.0.1...
* Connected to 127.0.0.1 (127.0.0.1) port 8000 (#0)
* Server auth using Basic with user 'JNBUdgUJ44ndu49yeokHxU0ZUNfIbpdESC8PVTQU'
> POST /o/token/ HTTP/1.1
> Authorization: Basic Sk5CVWRnVUo0NG5kdTQ5eWVva0h4VTBaVU5mSWJwZEVTQzhQVlRRVTpaQVNwZ0xLY3didXA2ajJ2YlJqakc1WlFZenpWWFZWQU5HcHJ0WWZVNnIya2VpUkEzZW9vNlh5M0tSMENkOGpWN3FLT2xFTENoTHZTUk5vTzBkUE5YNGdoRXdvRnB4UDNKbHdxY0FqRkpIV0RmSkJzYnpmNjJ5dE5DaEFVM29RcA==
> User-Agent: curl/7.37.1
> Host: 127.0.0.1:8000
> Accept: */*
> Content-Length: 29
> Content-Type: application/x-www-form-urlencoded
>
* upload completely sent off: 29 out of 29 bytes
* HTTP 1.0, assume close after body
< HTTP/1.0 401 UNAUTHORIZED
< Date: Sat, 13 Jun 2015 16:14:19 GMT
< Server: WSGIServer/0.2 CPython/3.4.3
< Content-Type: application/json
< Cache-Control: no-store
< Pragma: no-cache
< X-Frame-Options: SAMEORIGIN
<
* Closing connection 0
{"error": "unauthorized_client"}
这是我在url.py中的代码
urlpatterns = patterns('',
url(r'^sign_up/$', SignUp.as_view(), name="sign_up"),
url(r'^login/$', Login.as_view(), name="login"),
url(r'^o/', include('oauth2_provider.urls', namespace='oauth2_provider')),
)
REST_FRAMEWORK = {
'DEFAULT_AUTHENTICATION_CLASSES': (
# 'rest_framework.authentication.BasicAuthentication',
'oauth2_provider.ext.rest_framework.OAuth2Authentication',
),
'DEFAULT_PERMISSION_CLASSES': (
'rest_framework.permissions.AllowAny',
),
}
这是设置.py的一部分
urlpatterns = patterns('',
url(r'^sign_up/$', SignUp.as_view(), name="sign_up"),
url(r'^login/$', Login.as_view(), name="login"),
url(r'^o/', include('oauth2_provider.urls', namespace='oauth2_provider')),
)
REST_FRAMEWORK = {
'DEFAULT_AUTHENTICATION_CLASSES': (
# 'rest_framework.authentication.BasicAuthentication',
'oauth2_provider.ext.rest_framework.OAuth2Authentication',
),
'DEFAULT_PERMISSION_CLASSES': (
'rest_framework.permissions.AllowAny',
),
}
我不确定问题出在哪里,如何解决。有人对如何使它工作有什么建议吗?非常感谢
-------更新--------
我终于得到了一些回应:
{
"username": "boban16",
"client_id": "sxFB8WOd5qupdyp5c4pjJHXAQQFPVCW7FKA3SUmy",
"client_secret": "3nUreBDpx9cCSEeVyOhpXZ76Om0keOxFwK2rRQJNK5wvYuA1tUF37sH0Of473wCgeJ3tCmflN9kPnP9VkgepWxrARC6iimqI6y34pyVU7otlcXHjS2SSOmsP2c0XNxrA"
}
{
"error_description": "Invalid credentials given.",
"error": "invalid_grant"
}
curl -v http://127.0.0.1:8000/o/token/ -X POST -u "<client_id>:<client_secret>" -d "grant_type=client_credentials"
* Hostname was NOT found in DNS cache
* Trying 127.0.0.1...
* Connected to 127.0.0.1 (127.0.0.1) port 8000 (#0)
* Server auth using Basic with user 'JNBUdgUJ44ndu49yeokHxU0ZUNfIbpdESC8PVTQU'
> POST /o/token/ HTTP/1.1
> Authorization: Basic Sk5CVWRnVUo0NG5kdTQ5eWVva0h4VTBaVU5mSWJwZEVTQzhQVlRRVTpaQVNwZ0xLY3didXA2ajJ2YlJqakc1WlFZenpWWFZWQU5HcHJ0WWZVNnIya2VpUkEzZW9vNlh5M0tSMENkOGpWN3FLT2xFTENoTHZTUk5vTzBkUE5YNGdoRXdvRnB4UDNKbHdxY0FqRkpIV0RmSkJzYnpmNjJ5dE5DaEFVM29RcA==
> User-Agent: curl/7.37.1
> Host: 127.0.0.1:8000
> Accept: */*
> Content-Length: 29
> Content-Type: application/x-www-form-urlencoded
>
* upload completely sent off: 29 out of 29 bytes
* HTTP 1.0, assume close after body
< HTTP/1.0 401 UNAUTHORIZED
< Date: Sat, 13 Jun 2015 16:14:19 GMT
< Server: WSGIServer/0.2 CPython/3.4.3
< Content-Type: application/json
< Cache-Control: no-store
< Pragma: no-cache
< X-Frame-Options: SAMEORIGIN
<
* Closing connection 0
{"error": "unauthorized_client"}
curl-vhttp://127.0.0.1:8000/o/token/ -X POST-u:“-d”授予类型=客户端凭据”
以下是回应:
{
"username": "boban16",
"client_id": "sxFB8WOd5qupdyp5c4pjJHXAQQFPVCW7FKA3SUmy",
"client_secret": "3nUreBDpx9cCSEeVyOhpXZ76Om0keOxFwK2rRQJNK5wvYuA1tUF37sH0Of473wCgeJ3tCmflN9kPnP9VkgepWxrARC6iimqI6y34pyVU7otlcXHjS2SSOmsP2c0XNxrA"
}
{
"error_description": "Invalid credentials given.",
"error": "invalid_grant"
}
curl -v http://127.0.0.1:8000/o/token/ -X POST -u "<client_id>:<client_secret>" -d "grant_type=client_credentials"
* Hostname was NOT found in DNS cache
* Trying 127.0.0.1...
* Connected to 127.0.0.1 (127.0.0.1) port 8000 (#0)
* Server auth using Basic with user 'JNBUdgUJ44ndu49yeokHxU0ZUNfIbpdESC8PVTQU'
> POST /o/token/ HTTP/1.1
> Authorization: Basic Sk5CVWRnVUo0NG5kdTQ5eWVva0h4VTBaVU5mSWJwZEVTQzhQVlRRVTpaQVNwZ0xLY3didXA2ajJ2YlJqakc1WlFZenpWWFZWQU5HcHJ0WWZVNnIya2VpUkEzZW9vNlh5M0tSMENkOGpWN3FLT2xFTENoTHZTUk5vTzBkUE5YNGdoRXdvRnB4UDNKbHdxY0FqRkpIV0RmSkJzYnpmNjJ5dE5DaEFVM29RcA==
> User-Agent: curl/7.37.1
> Host: 127.0.0.1:8000
> Accept: */*
> Content-Length: 29
> Content-Type: application/x-www-form-urlencoded
>
* upload completely sent off: 29 out of 29 bytes
* HTTP 1.0, assume close after body
< HTTP/1.0 401 UNAUTHORIZED
< Date: Sat, 13 Jun 2015 16:14:19 GMT
< Server: WSGIServer/0.2 CPython/3.4.3
< Content-Type: application/json
< Cache-Control: no-store
< Pragma: no-cache
< X-Frame-Options: SAMEORIGIN
<
* Closing connection 0
{"error": "unauthorized_client"}
在DNS缓存中找不到主机名
*正在尝试127.0.0.1。。。
*连接到127.0.0.1(127.0.0.1)端口8000(#0)
*与用户“JNBUGUJ44NDU49YEOKHXU0ZUNFIBPDESC8PVTQU”一起使用Basic进行服务器身份验证
>POST/o/token/HTTP/1.1
>授权:基本SK5CVRNVU0NG5KDTQ5EWVVA0H4VTBAVU5MSWJWZEVTQZHQVLRRVTPAQVNWZ0XLY3DIDXA2AJJ2YLJQAKC1WLFZENPWZWQU5HCHJ0WWZVNNIYA2VPUKEZW9VNLH0TSMENKOGPWN3FLT2XFTENOTHZTUK5VTZB5VTZBKUYNY0RKPIV0RMSKJZYNPJ5DEFVM29RCA==
>用户代理:curl/7.37.1
>主持人:127.0.0.1:8000
>接受:*/*
>内容长度:29
>内容类型:application/x-www-form-urlencoded
>
*上传已完全发送:29个字节中的29个
*HTTP 1.0,假设在正文之后关闭
正如你在回应中看到的那样——我得到了授权令牌,但最后它说——未经授权的客户端。这样行不行?谢谢 我解决了这个问题 post_save signal自动创建应用程序时出现问题
def create_auth_client(sender, instance=None, created=False, **kwargs):
"""
Intended to be used as a receiver function for a `post_save` signal
on a custom User model
Creates client_id and client_secret for authenticated users
"""
if created:
Application.objects.create(user=instance,
client_type=Application.CLIENT_CONFIDENTIAL,
authorization_grant_type=Application.GRANT_CLIENT_CREDENTIALS)
# TODO
post_save.connect(create_auth_client, sender=User)
现在这是正确的解决方案。然后,您可以使用这些调用来注册/获取oauth2令牌:
curl -X POST -F "username=test1" -F "password=test1" http://127.0.0.1:8000/sign_up/
curl -X POST -d "grant_type=client_credentials" -u "<client_id>:<client_secret>" http://127.0.0.1:8000/o/token/
curl-X POST-F“username=test1”-F“password=test1”http://127.0.0.1:8000/sign_up/
curl-X POST-d“授权类型=客户端凭据”-u”:http://127.0.0.1:8000/o/token/